Re: Impact of ROCA (CVE-2017-15361) in subkey vs. private key?

2017-10-30 Thread Lachlan Gunn
2017-10-30 23:44 GMT+10:30 Peter Lebbing:
> But, I agree that the reverse is not true: a compromised subkey does not
> compromise the primary key in any way I can think of. And systems
> checking for ROCA should not reject a certificate because there is
> something wrong with an already revoked k

Re: Impact of ROCA (CVE-2017-15361) in subkey vs. private key?

2017-10-30 Thread Peter Lebbing
On 29/10/17 23:08, Damien Goutte-Gattat wrote:
> This is also true the other way around: knowing the primary private key
> does not allow to deduce the private subkey(s).

This is technically correct but in practice the point can be almost moot, depending on the threat model. When you know the pri

Re: Verify that the file is from who I expect it to be from

2017-10-30 Thread Peter Lebbing
On 30/10/17 03:00, Dan Horne wrote:
> However, if I simply decrypt the file I get confirmation of the signature

This was a misunderstanding: gpgv cannot decrypt, so when Werner suggested gpgv, he mustn't have realised you were decrypting as well as verifying.

HTH,

Peter.

--
I use the GNU Priva